Publicité
Publicité
Format du document : text/plain
Prévisualisation
Rapport de ZHPFix 2015.1.15.1 par Nicolas Coolman, Update du 15/01/2015
Fichier d'export Registre :
Run by Faical at 3/25/2015 10:58:57 PM
High Elevated Privileges : OK
Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)
Recycle Bin emptied (04mn AMs)
========== Software ==========
REMOVES: Bing Bar
========== Process memory ==========
REMOVES Reboot: Memory Process: C:\Users\Faical\AppData\Roaming\uTorrent\uTorrent.exe
========== Registry keys ==========
REMOVES: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent
REMOVES:* HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent
REMOVES: HKCU\Software\BitTorrent
REMOVES: HKCU\Software\Tencent
REMOVES: HKLM\Software\Wow6432Node\Tencent
REMOVES:* StartupReg: SynTPEnh
ERROR O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
REMOVES O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\71526112.sys . (...) -- C:\Windows\System32\Drivers\71526112.sys (.not file.)
ERROR O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
REMOVES O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\71526112.sys . (...) -- C:\Windows\System32\Drivers\71526112.sys (.not file.)
REMOVES:* CLSID Extra Buttons: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}
REMOVES:* CLSID Extra Buttons: {2670000A-7350-4f3c-8081-5663EE0C6C49}
REMOVES:* CLSID Extra Buttons: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
REMOVES: [HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
REMOVES:* Mozilla Plugin: @videolan.org/vlc,version=2.0.6
========== Registry values ==========
REMOVES [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent
REMOVES: TCP Query User{529F591A-78B8-4E40-81A5-7584216ECFE5}C:\program files (x86)\bittorrent sync\btsync.exe
REMOVES: UDP Query User{B6E7197D-E468-4DEB-9B09-48FA553AADF2}C:\program files (x86)\bittorrent sync\btsync.exe
REMOVES: {1069D30C-FBD6-4A21-8222-CDF755E08130}
REMOVES: {9F8873AD-8346-4B75-89AD-62D677B5768E}
REMOVES: TCP Query User{4B73FFA1-7CFF-4618-939B-90A1F0B2DF16}C:\program files (x86)\tencent\qqplayer\qqplayer.exe
REMOVES: UDP Query User{593CE21A-A512-4850-BBA1-10870936DE4E}C:\program files (x86)\tencent\qqplayer\qqplayer.exe
REMOVES RunValue: GoogleDriveSync
REMOVES RunValue: Facebook Update
REMOVES RunValue: F.lux
REMOVES RunValue: IDMan
REMOVES RunValue: APSDaemon
REMOVES RunValue: DTRun
REMOVES RunValue: PDF Complete
ABSENT value Standard Profile: FirewallRaz :
ABSENT value Domain Profile: FirewallRaz :
REMOVES: FirewallRaz (Private) : TCP Query User{9745ED90-A038-46C0-A24D-093D13397522}C:\users\faical\appdata\roaming\cacaoweb\cacaoweb.exe
REMOVES: FirewallRaz (Private) : UDP Query User{506A522B-994D-4B37-A3DA-0C9FD69C7DA2}C:\users\faical\appdata\roaming\cacaoweb\cacaoweb.exe
REMOVES: FirewallRaz (Public) : {7F3D7863-345D-4357-9D5E-9F528453BF7C}
REMOVES: FirewallRaz (Public) : {8C531ACF-A37C-44BA-82C6-0E969763FD8C}
ProxyFix : Proxy configuration successfully removed
REMOVES ProxyServer Value
REMOVES ProxyEnable Value
REMOVES EnableHttp1_1 Value
REMOVES ProxyHttp1.1 Value
REMOVES ProxyOverride Value
========== Elements of the registry data ==========
REMOVES AppInit: mana AntiLogger Free.) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(2).dll
REMOVES TCPIP: DhcpNameServer = 192.168.1.1
REMOVES: R1 Search Page = res://ieframe.dll/tabswelcome.htm
========== Preferences browser ==========
REMOVES Mozilla Pref: user_pref("extensions.wrc.SearchRules.google.com.style", ".WRCN {display:none} .r .WRCN, .osl .WRCN, .bc .WRCN, .fc .WRCN, #rhslin[...]
REMOVES Mozilla Pref: user_pref("extensions.wrc.SearchRules.google.com.url", "^http(s)?\\:\\/\\/((.)+\\.)?google\\.(com|[a-z\\.]{2,})\\/(.)*");
REMOVES Mozilla Pref: user_pref("extensions.wrc.SearchRules.public.avast.com.style", ".WRCN {display:inline; background: url(\"IMAGE\") right no-repeat}[...]
REMOVES Mozilla Pref: user_pref("extensions.wrc.SearchRules.public.avast.com.url", "^http(s)?\\:\\/\\/public\\.avast\\.com\\/(.)*");
REMOVES Mozilla Pref: user_pref("extensions.wrc.SearchRules.seznam.cz.style", ".WRCN {display:none} #results .WRCN, .sklik-title > .WRCN {display:inline[...]
REMOVES Mozilla Pref: user_pref("extensions.wrc.SearchRules.seznam.cz.url", "^http(s)?\\:\\/\\/search\\.seznam\\.cz\\/(.)*");
========== Folders ==========
REMOVES: c:\program files (x86)\bittorrent sync
REMOVES: c:\program files (x86)\tencent
REMOVES: c:\programdata\tencent
REMOVES: c:\users\faical\appdata\roaming\bittorrent sync
REMOVES: c:\users\faical\appdata\roaming\tencent
REMOVES Reboot:** c:\users\faical\appdata\roaming\utorrent
REMOVES: c:\users\faical\appdata\roaming\microsoft\windows\start menu\programs\tencent
REMOVES: C:\Users\Faical\AppData\Roaming\uTorrent
Deletes temporary Windows (38)
REMOVES Flash Cookies (0)
========== Files ==========
REMOVES: c:\users\faical\appdata\roaming\utorrent\utorrent.exe
REMOVES: c:\windows\prefetch\totalplushd-3.1v15.01-codedow-0db00e50.pf
REMOVES: c:\windows\prefetch\utorrent.exe-d152bd4b.pf
REMOVES: c:\users\faical\appdata\local\facebook\update\facebookupdate.exe
REMOVES: c:\users\faical\appdata\local\fluxsoftware\flux\flux.exe
REMOVES Reboot: c:\program files (x86)\internet download manager\idman.exe
REMOVES: c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
REMOVES: c:\users\faical\appdata\roaming\microsoft\internet explorer\quick launch\internet explorer.lnk (http://www.bahaty.com)
CREATES: C:\Users\Faical\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.LNK
REMOVES: c:\users\faical\appdata\roaming\microsoft\internet explorer\quick launch\�torrent.lnk
REMOVES: c:\users\faical\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\�torrent.lnk
REMOVES: c:\users\faical\desktop\�torrent.lnk
Deletes temporary Windows (171) (44,304,237 octets)
REMOVES Flash Cookies (0) (0 octets)
========== System restore ==========
The system successfully created restore point
========== Summary ==========
1 : Process memory
15 : Registry keys
26 : Registry values
3 : Elements of the registry data
10 : Folders
14 : Files
1 : Software
6 : Preferences browser
1 : System restore
End of clean in 58mn AMs
========== Path to file report ==========
C:\Users\Faical\AppData\Roaming\ZHP\ZHPFix[R1].txt - 1/29/2014 2:16:06 PM [9293]
C:\Users\Faical\AppData\Roaming\ZHP\ZHPFix[R2].txt - 3/25/2015 10:59:01 PM [6538]
Fichier d'export Registre :
Run by Faical at 3/25/2015 10:58:57 PM
High Elevated Privileges : OK
Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)
Recycle Bin emptied (04mn AMs)
========== Software ==========
REMOVES: Bing Bar
========== Process memory ==========
REMOVES Reboot: Memory Process: C:\Users\Faical\AppData\Roaming\uTorrent\uTorrent.exe
========== Registry keys ==========
REMOVES: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent
REMOVES:* HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent
REMOVES: HKCU\Software\BitTorrent
REMOVES: HKCU\Software\Tencent
REMOVES: HKLM\Software\Wow6432Node\Tencent
REMOVES:* StartupReg: SynTPEnh
ERROR O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
REMOVES O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\71526112.sys . (...) -- C:\Windows\System32\Drivers\71526112.sys (.not file.)
ERROR O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
REMOVES O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\71526112.sys . (...) -- C:\Windows\System32\Drivers\71526112.sys (.not file.)
REMOVES:* CLSID Extra Buttons: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}
REMOVES:* CLSID Extra Buttons: {2670000A-7350-4f3c-8081-5663EE0C6C49}
REMOVES:* CLSID Extra Buttons: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
REMOVES: [HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
REMOVES:* Mozilla Plugin: @videolan.org/vlc,version=2.0.6
========== Registry values ==========
REMOVES [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent
REMOVES: TCP Query User{529F591A-78B8-4E40-81A5-7584216ECFE5}C:\program files (x86)\bittorrent sync\btsync.exe
REMOVES: UDP Query User{B6E7197D-E468-4DEB-9B09-48FA553AADF2}C:\program files (x86)\bittorrent sync\btsync.exe
REMOVES: {1069D30C-FBD6-4A21-8222-CDF755E08130}
REMOVES: {9F8873AD-8346-4B75-89AD-62D677B5768E}
REMOVES: TCP Query User{4B73FFA1-7CFF-4618-939B-90A1F0B2DF16}C:\program files (x86)\tencent\qqplayer\qqplayer.exe
REMOVES: UDP Query User{593CE21A-A512-4850-BBA1-10870936DE4E}C:\program files (x86)\tencent\qqplayer\qqplayer.exe
REMOVES RunValue: GoogleDriveSync
REMOVES RunValue: Facebook Update
REMOVES RunValue: F.lux
REMOVES RunValue: IDMan
REMOVES RunValue: APSDaemon
REMOVES RunValue: DTRun
REMOVES RunValue: PDF Complete
ABSENT value Standard Profile: FirewallRaz :
ABSENT value Domain Profile: FirewallRaz :
REMOVES: FirewallRaz (Private) : TCP Query User{9745ED90-A038-46C0-A24D-093D13397522}C:\users\faical\appdata\roaming\cacaoweb\cacaoweb.exe
REMOVES: FirewallRaz (Private) : UDP Query User{506A522B-994D-4B37-A3DA-0C9FD69C7DA2}C:\users\faical\appdata\roaming\cacaoweb\cacaoweb.exe
REMOVES: FirewallRaz (Public) : {7F3D7863-345D-4357-9D5E-9F528453BF7C}
REMOVES: FirewallRaz (Public) : {8C531ACF-A37C-44BA-82C6-0E969763FD8C}
ProxyFix : Proxy configuration successfully removed
REMOVES ProxyServer Value
REMOVES ProxyEnable Value
REMOVES EnableHttp1_1 Value
REMOVES ProxyHttp1.1 Value
REMOVES ProxyOverride Value
========== Elements of the registry data ==========
REMOVES AppInit: mana AntiLogger Free.) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(2).dll
REMOVES TCPIP: DhcpNameServer = 192.168.1.1
REMOVES: R1 Search Page = res://ieframe.dll/tabswelcome.htm
========== Preferences browser ==========
REMOVES Mozilla Pref: user_pref("extensions.wrc.SearchRules.google.com.style", ".WRCN {display:none} .r .WRCN, .osl .WRCN, .bc .WRCN, .fc .WRCN, #rhslin[...]
REMOVES Mozilla Pref: user_pref("extensions.wrc.SearchRules.google.com.url", "^http(s)?\\:\\/\\/((.)+\\.)?google\\.(com|[a-z\\.]{2,})\\/(.)*");
REMOVES Mozilla Pref: user_pref("extensions.wrc.SearchRules.public.avast.com.style", ".WRCN {display:inline; background: url(\"IMAGE\") right no-repeat}[...]
REMOVES Mozilla Pref: user_pref("extensions.wrc.SearchRules.public.avast.com.url", "^http(s)?\\:\\/\\/public\\.avast\\.com\\/(.)*");
REMOVES Mozilla Pref: user_pref("extensions.wrc.SearchRules.seznam.cz.style", ".WRCN {display:none} #results .WRCN, .sklik-title > .WRCN {display:inline[...]
REMOVES Mozilla Pref: user_pref("extensions.wrc.SearchRules.seznam.cz.url", "^http(s)?\\:\\/\\/search\\.seznam\\.cz\\/(.)*");
========== Folders ==========
REMOVES: c:\program files (x86)\bittorrent sync
REMOVES: c:\program files (x86)\tencent
REMOVES: c:\programdata\tencent
REMOVES: c:\users\faical\appdata\roaming\bittorrent sync
REMOVES: c:\users\faical\appdata\roaming\tencent
REMOVES Reboot:** c:\users\faical\appdata\roaming\utorrent
REMOVES: c:\users\faical\appdata\roaming\microsoft\windows\start menu\programs\tencent
REMOVES: C:\Users\Faical\AppData\Roaming\uTorrent
Deletes temporary Windows (38)
REMOVES Flash Cookies (0)
========== Files ==========
REMOVES: c:\users\faical\appdata\roaming\utorrent\utorrent.exe
REMOVES: c:\windows\prefetch\totalplushd-3.1v15.01-codedow-0db00e50.pf
REMOVES: c:\windows\prefetch\utorrent.exe-d152bd4b.pf
REMOVES: c:\users\faical\appdata\local\facebook\update\facebookupdate.exe
REMOVES: c:\users\faical\appdata\local\fluxsoftware\flux\flux.exe
REMOVES Reboot: c:\program files (x86)\internet download manager\idman.exe
REMOVES: c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
REMOVES: c:\users\faical\appdata\roaming\microsoft\internet explorer\quick launch\internet explorer.lnk (http://www.bahaty.com)
CREATES: C:\Users\Faical\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.LNK
REMOVES: c:\users\faical\appdata\roaming\microsoft\internet explorer\quick launch\�torrent.lnk
REMOVES: c:\users\faical\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\�torrent.lnk
REMOVES: c:\users\faical\desktop\�torrent.lnk
Deletes temporary Windows (171) (44,304,237 octets)
REMOVES Flash Cookies (0) (0 octets)
========== System restore ==========
The system successfully created restore point
========== Summary ==========
1 : Process memory
15 : Registry keys
26 : Registry values
3 : Elements of the registry data
10 : Folders
14 : Files
1 : Software
6 : Preferences browser
1 : System restore
End of clean in 58mn AMs
========== Path to file report ==========
C:\Users\Faical\AppData\Roaming\ZHP\ZHPFix[R1].txt - 1/29/2014 2:16:06 PM [9293]
C:\Users\Faical\AppData\Roaming\ZHP\ZHPFix[R2].txt - 3/25/2015 10:59:01 PM [6538]